From f6f3153b3da80e8128605b592d1fa4ea6014d032 Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeff@hashicorp.com>
Date: Wed, 4 Apr 2018 03:07:10 -0400
Subject: [PATCH] Allow not showing expirations, and don't log when skipToken
 (#4263)

The latter removes a case where a token being revoked would end up
logging twice.
---
 vault/expiration.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/vault/expiration.go b/vault/expiration.go
index 9f3b3c44d..7882c709a 100644
--- a/vault/expiration.go
+++ b/vault/expiration.go
@@ -5,6 +5,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"os"
 	"path"
 	"strings"
 	"sync"
@@ -77,6 +78,8 @@ type ExpirationManager struct {
 	coreStateLock     *sync.RWMutex
 	quitContext       context.Context
 	leaseCheckCounter uint32
+
+	logLeaseExpirations bool
 }
 
 // NewExpirationManager creates a new ExpirationManager that is backed
@@ -99,6 +102,8 @@ func NewExpirationManager(c *Core, view *BarrierView, logger log.Logger) *Expira
 		coreStateLock:     &c.stateLock,
 		quitContext:       c.activeContext,
 		leaseCheckCounter: 0,
+
+		logLeaseExpirations: os.Getenv("VAULT_SKIP_LOGGING_LEASE_EXPIRATIONS") == "",
 	}
 
 	if exp.logger == nil {
@@ -524,7 +529,7 @@ func (m *ExpirationManager) revokeCommon(leaseID string, force, skipToken bool)
 	}
 	m.pendingLock.Unlock()
 
-	if m.logger.IsInfo() {
+	if m.logger.IsInfo() && !skipToken && m.logLeaseExpirations {
 		m.logger.Info("revoked lease", "lease_id", leaseID)
 	}